Cybersecurity
Organisations’ critical infrastructure systems are essential to their bottom line, ability to innovate and daily operations. It is an important part of an organisation’s overall risk management framework. The UK Cybersecurity module offers guidance on how to handle your Cybersecurity obligations. The module covers areas of law such as the 'Data Protection Act 2018', 'The Network and Information Systems Regulations 2018', 'General Data Protection Regulation 2016/679' and over 26 other compliance sources.
Module Scope:
Core Obligations
- Overview
- Asset Management
- Business Environment
- Governance
- Risk Assessment
- Risk Management Strategy
- Supply Chain Risk Management
- Identity Management, Authentication and Access Control
- Awareness and Training
- Data Security
- Information Protection Processes
- Maintenance
- Protective Technologies
- Anomalies and Events
- Security Continuous Monitoring
- Detection Processes
- Response Planning
- Communication
- Mitigation
- Improvements and Recovery Planning
- Communications
Legal Landscape
- Data Protection Act 2018
- Network and Information Systems Regulations 2018
- General Data Protection Regulation 2016/679
- Civil Contingencies Act 2004
- and 26 other compliance sources
Regulators & Enforcement Agencies
- Information Commissioner’s Office
- Financial Conduct Authority